OPNsense automatic Outbound NAT rules not created or created on wrong interface

by James McDonald | Jun 9, 2026 | IT Tips | 0 comments

OPNsense in Azure with DHCP assigned IPv6 and IPv4 interfaces

Automatic outbound NAT rules created on the LAN interface

Disable the auto-created LAN gateways (Look under System => Gateways => Configuration) (Disable the LAN_DHCP and LAN_DHCP6 Gateways)

No automatic outbound NAT rules created on WAN interface

Change the WAN interface IPv4 and IPv6 configs to be static in both the Azure portal and configure static addresses in OPNSense WAN interface. Assign the same settings to the WAN interface as they were when using DHCP DHCPv6

Example settings:

IPv4IPv6
WAN Subnet10.6.1.0/24fdc6:e269:0cbf:1:/64
WAN IP10.6.1.4/24fdc6:e269:0cbf:1::4/64
WAN Gateway10.6.1.1fe80::1234:5678:9abc ^

^ Although this does NOT match the above IPv6 IP and subnet addresses, this is the IPv6 address for the local gateway in Azure. Use this special address as the gateway.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.